Monday, July 21, 2014


The last two blogs discussed attacks and one approach for determining adequate defense expenditure. We already know the thieves’ budget (see ).  The last blog peeked at low hanging fruit by examining one way to increase throughput by reducing gates (creating a html tag based standard for data transmission from personal electronic device to a secure point of presence shares the cost across all segments of the payment data transport industry,  just saying). Now, I want to address a method of attack within the taxonomy of attacks (namely intercept of payer data) that also seems like a good place to spend defense dollars. I want to address what I call a camouflage attack.

I think a definition is on order. For the purposes of this blog a camouflage attack is unauthorized data residing within a payment hub used to intercept payer data. To determine the presence of the attack I created data radar.  Let M be a known static area of memory within a payment hub and J be a bit mask image taken of M within a Time T. I can then express a bogie (B) on the radar as:

And if B > | J | + ∆ its time to alert a human, STAT!

Next Blog: A General Defensive Budget

No comments:

Post a Comment